Charles Steinkuehler wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > KP Kirchdoerfer wrote: > >> On Wednesday 19 December 2007 16:36:40 Mats Erik Andersson wrote: >> >>> Hello all, >>> >>> would it be a serious security flaw to arrange >>> that at least the bootfloppy provides a serial >>> console in the form the image is delivered from >>> "factory"? The neccesary changes are easy enough: >>> >>> 1) an addition of "console=ttyS0,19200n8 console=tty0" >>> to the file syslinux.cfg >>> >>> and >>> >>> 2) removal of one hash mark in front of "ttyS0" in >>> /etc/inittab. >>> >>> Such serial access would very much lessen the labour >>> to configure a recycled, but functional machine. >>> >>> Regards >>> >>> Mats Erik Andersson >>> >> Hi Mats; >> >> I talked with Eric Spakman and he remembered, why we removed it from the >> image >> a few years ago: On machines with no serial console attached the screen was >> flooded with messages about init respawning too fast about every five >> seconds. And I think, his memory is correct in that case. >> So we refuse to change it back -. I hope you understand >> > > I agree the proposed solution is unsuitable, but perhaps there's still > something that can be done to address the basic problem. > > What about a one-time script run at boot that checks for a serial port > and fires of a getty if it finds one? That would side-step the > respawning issues with inittab, not require the initrd scripts > dynamically generate inittab based on detected hardware (dangerous > IMHO), but would still allow for serial console access 'out of the box'. > > - -- > Charles Steinkuehler > [EMAIL PROTECTED] > I get around this by having an old machine with an ide to compact flash adapter, a keyboard, a floppy and video. I boot off a modified floppy image that uses the initrd for ide and runs hdsupp.lrp at bootup (without the other stuff like shorewall). I then stepup the compact flash and make it bootable. The machine has a Netgear 311 pci card which is equivalent to the network chips on the WRAP and Soekris. (This verifies network modules are properly loaded). I make repeated bootups, configure everything except the serial console. When everything appears to work, I edit inittab and syslinux.cfg to add the serial console and save the configuration. The CF then goes into the Soekris or WRAP and I have a serial console for fixing any minor mistakes. Usually everything is working at this point and I can use webconf or putty to make any final tweeks. I find this is much faster than scrolling through a long file with a serial console.
LEAF 3.1b2 works great. Don't use the openntpd on the image - use the one found here : http://leaf.cvs.sourceforge.net/leaf/bin/packages/uclibc-0.9/28/ Webconf allows one to edit and start and stop processes from a browser with a login and password. LEAF would be more popular if we could keep the documentation a little more current. That is not a complaint. I appreciate the hard work from the Bearing uClibc team. A New Year resolution is to try to help with documentation for LEAF. I would write up my procedure (geared to a Windows user) and put it on the wiki if I had access. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
